MCPcopy
hub / github.com/grpc/grpc-go / TestTLS_CipherSuitesOverridable

Method TestTLS_CipherSuitesOverridable

credentials/tls_ext_test.go:335–408  ·  view source on GitHub ↗

Tests that CipherSuites is not overridden when it is set.

(t *testing.T)

Source from the content-addressed store, hash-verified

333
334// Tests that CipherSuites is not overridden when it is set.
335func (s) TestTLS_CipherSuitesOverridable(t *testing.T) {
336 ctx, cancel := context.WithTimeout(context.Background(), defaultTestTimeout)
337 defer cancel()
338
339 testCases := []struct {
340 name string
341 serverTLS func() *tls.Config
342 }{
343 {
344 name: "base_case",
345 serverTLS: func() *tls.Config {
346 return &tls.Config{
347 Certificates: []tls.Certificate{serverCert},
348 CipherSuites: []uint16{tls.TLS_RSA_WITH_AES_128_CBC_SHA},
349 }
350 },
351 },
352 {
353 name: "fallback_to_base",
354 serverTLS: func() *tls.Config {
355 config := &tls.Config{
356 Certificates: []tls.Certificate{serverCert},
357 CipherSuites: []uint16{tls.TLS_RSA_WITH_AES_128_CBC_SHA},
358 }
359 config.GetConfigForClient = func(*tls.ClientHelloInfo) (*tls.Config, error) {
360 return nil, nil
361 }
362 return config
363 },
364 },
365 {
366 name: "dynamic_using_get_config_for_client",
367 serverTLS: func() *tls.Config {
368 return &tls.Config{
369 GetConfigForClient: func(*tls.ClientHelloInfo) (*tls.Config, error) {
370 return &tls.Config{
371 Certificates: []tls.Certificate{serverCert},
372 CipherSuites: []uint16{tls.TLS_RSA_WITH_AES_128_CBC_SHA},
373 }, nil
374 },
375 }
376 },
377 },
378 }
379
380 for _, tc := range testCases {
381 t.Run(tc.name, func(t *testing.T) {
382 // Create server that allows only a forbidden cipher suite.
383 serverCreds := credentials.NewTLS(tc.serverTLS())
384 ss := stubserver.StubServer{
385 EmptyCallF: func(context.Context, *testpb.Empty) (*testpb.Empty, error) {
386 return &testpb.Empty{}, nil
387 },
388 }
389
390 // Create server that allows only a forbidden cipher suite.
391 clientCreds := credentials.NewTLS(&tls.Config{
392 ServerName: serverName,

Callers

nothing calls this directly

Calls 7

StartMethod · 0.95
StopMethod · 0.95
NewTLSFunction · 0.92
CredsFunction · 0.92
WithTransportCredentialsFunction · 0.92
FatalfMethod · 0.65
EmptyCallMethod · 0.65

Tested by

no test coverage detected